So pm2 (a node process manager package on npm) just caused thousands of CI builds to fail because of an "optionalDependency" on a package called gkt which is requested as a tarball from a server that was returning 503. That package consists of one file which contains this

Welcome to open source. Where anarchy is expected to work just fine.

Reminds of lpad npm dependency controversy

https://qz.com/646467/...

@noder now in all honesty.. who the fuck says no to 30k $ for a fucken project.

And external dependencies are the way forward 😂

@nitwhiz as I understand he asked for 30k and was rejected

I mean, it's an optional dependency after all :P

And the worst part is how everyone just took it at face value without asking weather or not it happened.

So here's the github issue https://github.com/Unitech/pm2/...

And here's the company behind PM2's reason for that "optional dependency" https://twitter.com/keymetrics_io/...

(And i have no idea about the supposed thousands of CI builds)

@nitwhiz Actually this is more of a lesson in why reinventing the wheel is a bad idea, something I've heard happens a lot in closed source environments

@irene - lpad has 11 lines, but check this one 'isarray' - https://npmjs.com/package/isarray/

It has 21M weekly downloads, but the actual code is just 4 lines - https://github.com/juliangruber/...

Fun part is, there is another NPM package that does the same as 'isarray' - 'is-array' (with a hyphen).

awesome, isnt it? lets let the community manage packages

@noder even more funny thing is that ES6 supports that natively.
Array.isArray

@Froot - Even more funnier is that the isarray npm package internally uses Array.isArray

@noder that's.... That's genius actually.
And here I am writing libraries that actually do shit that isnt covered by other libraries out there. Fuck me

Welcome to NPM Hell.

@nitwhiz fuck that was good....stealing it

wtf im in agony and in insane laughter at the same time.